Software Configuration Guide
Page 2
...Catalyst 3560 Switch Software Configuration Guide Copyright © 2004 Cisco Systems, Inc. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. All rights reserved. and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco... its affiliates in this document or Web site are trademarks of Cisco Systems, Inc. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO ...
...Catalyst 3560 Switch Software Configuration Guide Copyright © 2004 Cisco Systems, Inc. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. All rights reserved. and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco... its affiliates in this document or Web site are trademarks of Cisco Systems, Inc. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO ...
Software Configuration Guide
Page 5
...14 Topology View 3-15 CMS Icons 3-16 Where to Go Next 3-16 Assigning the Switch IP Address and Default Gateway 4-1 Understanding the Boot Process 4-1 Assigning Switch Information 4-2 Default Switch Information 4-3 Understanding DHCP-Based Autoconfiguration 4-3 DHCP Client Request Process 4-4 Configuring DHCP-Based... a Configuration File 4-12 Specifying the Filename to Read and Write the System Configuration 4-12 Booting Manually 4-13 Booting a Specific Software Image 4-13 Controlling Environment Variables 4-14 Scheduling a Reload of the Software Image 4-16 Configuring a Scheduled Reload 4-16...
...14 Topology View 3-15 CMS Icons 3-16 Where to Go Next 3-16 Assigning the Switch IP Address and Default Gateway 4-1 Understanding the Boot Process 4-1 Assigning Switch Information 4-2 Default Switch Information 4-3 Understanding DHCP-Based Autoconfiguration 4-3 DHCP Client Request Process 4-4 Configuring DHCP-Based... a Configuration File 4-12 Specifying the Filename to Read and Write the System Configuration 4-12 Booting Manually 4-13 Booting a Specific Software Image 4-13 Controlling Environment Variables 4-14 Scheduling a Reload of the Software Image 4-16 Configuring a Scheduled Reload 4-16...
Software Configuration Guide
Page 6
... 5-15 Availability of Switch-Specific Features in Switch Clusters 5-15 Creating a Switch Cluster 5-16 Enabling a Cluster Command Switch 5-16 Adding Cluster Member Switches 5-17 Creating a Cluster Standby Group 5-19 Verifying a Switch Cluster 5-20 Using the CLI to Manage Switch Clusters 5-21 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-22 Using SNMP to Manage Switch Clusters 5-22 Catalyst 3560 Switch Software Configuration Guide vi...
... 5-15 Availability of Switch-Specific Features in Switch Clusters 5-15 Creating a Switch Cluster 5-16 Enabling a Cluster Command Switch 5-16 Adding Cluster Member Switches 5-17 Creating a Cluster Standby Group 5-19 Verifying a Switch Cluster 5-20 Using the CLI to Manage Switch Clusters 5-21 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-22 Using SNMP to Manage Switch Clusters 5-22 Catalyst 3560 Switch Software Configuration Guide vi...
Software Configuration Guide
Page 9
... RADIUS Accounting 8-28 Configuring Settings for All RADIUS Servers 8-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-31 Displaying the RADIUS Configuration 8-31 Controlling Switch Access with Kerberos 8-32 Understanding Kerberos 8-32 Kerberos Operation 8-34 Authenticating to...Roles 9-2 Authentication Initiation and Message Exchange 9-3 Ports in Authorized and Unauthorized States 9-4 Supported Topologies 9-4 Using 802.1X with Port Security 9-5 Catalyst 3560 Switch Software Configuration Guide ix
... RADIUS Accounting 8-28 Configuring Settings for All RADIUS Servers 8-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-31 Displaying the RADIUS Configuration 8-31 Controlling Switch Access with Kerberos 8-32 Understanding Kerberos 8-32 Kerberos Operation 8-34 Authenticating to...Roles 9-2 Authentication Initiation and Message Exchange 9-3 Ports in Authorized and Unauthorized States 9-4 Supported Topologies 9-4 Using 802.1X with Port Security 9-5 Catalyst 3560 Switch Software Configuration Guide ix
Software Configuration Guide
Page 29
... Password Recovery Disabled 35-6 Recovering from a Command Switch Failure 35-8 Replacing a Failed Command Switch with a Cluster Member 35-8 Replacing a Failed Command Switch with Another Switch 35-10 Recovering from Lost Cluster Member Connectivity 35...-11 Preventing Autonegotiation Mismatches 35-12 Troubleshooting Power over Ethernet Switch Ports 35-12 SFP Module Security and Identification 35-12 Using Ping...-16 Executing IP Traceroute 35-17 Using Debug Commands 35-18 Enabling Debugging on a Specific Feature 35-18 Enabling All-System Diagnostics 35-19 Redirecting Debug and Error Message Output...
... Password Recovery Disabled 35-6 Recovering from a Command Switch Failure 35-8 Replacing a Failed Command Switch with a Cluster Member 35-8 Replacing a Failed Command Switch with Another Switch 35-10 Recovering from Lost Cluster Member Connectivity 35...-11 Preventing Autonegotiation Mismatches 35-12 Troubleshooting Power over Ethernet Switch Ports 35-12 SFP Module Security and Identification 35-12 Using Ping...-16 Executing IP Traceroute 35-17 Using Debug Commands 35-18 Enabling Debugging on a Specific Feature 35-18 Enabling All-System Diagnostics 35-19 Redirecting Debug and Error Message Output...
Software Configuration Guide
Page 40
... levels for data applications, and security. - Interactive guide mode that can join a cluster and to accomplish specific tasks. - Features Chapter 1 Overview The Catalyst 3560 switches have these features: • Ease-of-Use and Ease-of-Deployment Features, page 1-2 • Performance... time, such as VLAN and QoS settings, inventory and statistic reports, link- and switch-level monitoring and troubleshooting, and multiple switch software upgrades. - Catalyst 3560 Switch Software Configuration Guide 1-2 78-16156-01 Automated configuration wizards that is , supports encryption]...
... levels for data applications, and security. - Interactive guide mode that can join a cluster and to accomplish specific tasks. - Features Chapter 1 Overview The Catalyst 3560 switches have these features: • Ease-of-Use and Ease-of-Deployment Features, page 1-2 • Performance... time, such as VLAN and QoS settings, inventory and statistic reports, link- and switch-level monitoring and troubleshooting, and multiple switch software upgrades. - Catalyst 3560 Switch Software Configuration Guide 1-2 78-16156-01 Automated configuration wizards that is , supports encryption]...
Software Configuration Guide
Page 42
...Management Options • CMS-CMS is running platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of the SMI and EMI) Catalyst 3560 Switch Software Configuration Guide 1-4 78-16156-01 You can be launched from anywhere in this section is ... more information about the CLI, see Chapter 3, "Getting Started with specific source or destination MAC addresses • Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping between the switch and other DHCP options to IP hosts • Directed unicast requests to...
...Management Options • CMS-CMS is running platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of the SMI and EMI) Catalyst 3560 Switch Software Configuration Guide 1-4 78-16156-01 You can be launched from anywhere in this section is ... more information about the CLI, see Chapter 3, "Getting Started with specific source or destination MAC addresses • Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping between the switch and other DHCP options to IP hosts • Directed unicast requests to...
Software Configuration Guide
Page 45
... interface (shaping or sharing is the only supported mode on the switch port for detecting the presence of a Cisco IP phone, trusting the CoS value received, and ensuring port security... empty and do not use their share of the bandwidth. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-7 Two configurable ingress queues for different traffic classifications - IP...queue lengths and providing drop precedences for prioritizing mission-critical traffic in aggregate to restrict specific applications or traffic flows to metered, predefined rates • Out-of-Profile - Aggregate...
... interface (shaping or sharing is the only supported mode on the switch port for detecting the presence of a Cisco IP phone, trusting the CoS value received, and ensuring port security... empty and do not use their share of the bandwidth. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-7 Two configurable ingress queues for different traffic classifications - IP...queue lengths and providing drop precedences for prioritizing mission-critical traffic in aggregate to restrict specific applications or traffic flows to metered, predefined rates • Out-of-Profile - Aggregate...
Software Configuration Guide
Page 47
... ... If you can change the interface-specific and system-wide settings. Chapter 4, "Assigning the Switch IP Address and Default Gateway" Chapter 5, "Clustering Switches" Chapter 6, "Administering the Switch" Chapter 9, "Configuring 802.1X Port-Based Authentication" 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-9 Table 1-1 Default Settings After Initial Switch Configuration Feature Switch IP address, subnet mask, and default...
... ... If you can change the interface-specific and system-wide settings. Chapter 4, "Assigning the Switch IP Address and Default Gateway" Chapter 5, "Clustering Switches" Chapter 6, "Administering the Switch" Chapter 9, "Configuring 802.1X Port-Based Authentication" 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-9 Table 1-1 Default Settings After Initial Switch Configuration Feature Switch IP address, subnet mask, and default...
Software Configuration Guide
Page 51
...accessing critical pieces of up to an AC power source. In addition to inter-VLAN routing, the multilayer switches provide QoS mechanisms such as Cisco IP Phones). If congestion occurs, QoS drops low-priority traffic to allow delivery of network traffic and ...Catalyst Long-Reach Ethernet (LRE) switches to provide up to Medium-Sized Network Using Catalyst 3560 Switches Figure 1-1 shows a configuration for load sharing and redundancy. Each PoE switch port provides 15.4 W of IP connectivity over data traffic. A growing demand for voice traffic. Refer to the documentation sets specific...
...accessing critical pieces of up to an AC power source. In addition to inter-VLAN routing, the multilayer switches provide QoS mechanisms such as Cisco IP Phones). If congestion occurs, QoS drops low-priority traffic to allow delivery of network traffic and ...Catalyst Long-Reach Ethernet (LRE) switches to provide up to Medium-Sized Network Using Catalyst 3560 Switches Figure 1-1 shows a configuration for load sharing and redundancy. Each PoE switch port provides 15.4 W of IP connectivity over data traffic. A growing demand for voice traffic. Refer to the documentation sets specific...
Software Configuration Guide
Page 56
... you have entered. Interface configuration While in global configuration mode, specify a line with a specific interface). Switch(config-if)# To exit to global Use this mode to exit. Switch(config-line)# To exit to configure configuration mode, parameters for the Ethernet enter exit. Enter...global configuration mode, enter the exit command. VLAN configuration While in privileged EXEC mode, enter the configure command. Catalyst 3560 Switch Software Configuration Guide 2-2 78-16156-01 Enter logout or quit. Global configuration While in privileged EXEC mode, enter ...
... you have entered. Interface configuration While in global configuration mode, specify a line with a specific interface). Switch(config-if)# To exit to global Use this mode to exit. Switch(config-line)# To exit to configure configuration mode, parameters for the Ethernet enter exit. Enter...global configuration mode, enter the exit command. VLAN configuration While in privileged EXEC mode, enter the configure command. Catalyst 3560 Switch Software Configuration Guide 2-2 78-16156-01 Enter logout or quit. Global configuration While in privileged EXEC mode, enter ...
Software Configuration Guide
Page 60
...no editing To re-enable the enhanced editing mode for the current terminal session, enter this command in privileged EXEC mode: Switch# terminal editing To reconfigure a specific line to have enhanced editing. right arrow key. Move the cursor to edit command lines. These keystrokes are optional. ...commands from the buffer and paste them in the buffer. Catalyst 3560 Switch Software Configuration Guide 2-6 78-16156-01 left of the cursor with the last ten items that can disable it, re-enable it, or configure a specific line to Press Ctrl-B, or press the Move the cursor...
...no editing To re-enable the enhanced editing mode for the current terminal session, enter this command in privileged EXEC mode: Switch# terminal editing To reconfigure a specific line to have enhanced editing. right arrow key. Move the cursor to edit command lines. These keystrokes are optional. ...commands from the buffer and paste them in the buffer. Catalyst 3560 Switch Software Configuration Guide 2-6 78-16156-01 left of the cursor with the last ten items that can disable it, re-enable it, or configure a specific line to Press Ctrl-B, or press the Move the cursor...
Software Configuration Guide
Page 66
... show or hide the feature bar. Figure 3-1 Menu Bar Catalyst 3560 Switch Software Configuration Guide 3-2 78-16156-01 You can select multiple ports or multiple switches and configure them with CMS Front Panel View The Front Panel view displays the Front Panel image of a specific set of link reports and link graphs. From this...
... show or hide the feature bar. Figure 3-1 Menu Bar Catalyst 3560 Switch Software Configuration Guide 3-2 78-16156-01 You can select multiple ports or multiple switches and configure them with CMS Front Panel View The Front Panel view displays the Front Panel image of a specific set of link reports and link graphs. From this...
Software Configuration Guide
Page 69
... or popup menu. Sometimes the information in which you click Guide Mode and then select a feature that supports it applies to Cisco Systems Inc. Wizards are available. When you configure the feature options. If you select Guide Mode but you enter the information in..., you select another configuration option. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 3-5 A person icon appears next to display an online form. Click Feedback to features that are supported by -step approach for completing a specific configuration task. Guide mode takes you click Finish in...
... or popup menu. Sometimes the information in which you click Guide Mode and then select a feature that supports it applies to Cisco Systems Inc. Wizards are available. When you configure the feature options. If you select Guide Mode but you enter the information in..., you select another configuration option. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 3-5 A person icon appears next to display an online form. Click Feedback to features that are supported by -step approach for completing a specific configuration task. Guide mode takes you click Finish in...
Software Configuration Guide
Page 70
...information about the read -only access mode, see the "Privilege Levels" section on page 3-7. Similar to set up default configurations. Catalyst 3560 Switch Software Configuration Guide 3-6 78-16156-01 For more information about the parameter fields by -step approach for that has Wizard in a...page 3-7. Wizards are not available for all the parameter fields of a feature in the name, the wizard launches for completing a specific configuration task. If you change the interaction mode after selecting a configuration option, the mode change does not take effect until you must...
...information about the read -only access mode, see the "Privilege Levels" section on page 3-7. Similar to set up default configurations. Catalyst 3560 Switch Software Configuration Guide 3-6 78-16156-01 For more information about the parameter fields by -step approach for that has Wizard in a...page 3-7. Wizards are not available for all the parameter fields of a feature in the name, the wizard launches for completing a specific configuration task. If you change the interaction mode after selecting a configuration option, the mode change does not take effect until you must...
Software Configuration Guide
Page 74
.... • CMS on the switch. 3-10 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Cluster management options are not the same as this release. This is the earliest version of CMS. Refer to the documentation specific to the switch and its Ethernet ports and to... of authentication (the enable password) to communicate with the switch through CMS, remember that clusters can differ between Cisco IOS releases and switch platforms: • On Catalyst switches running Cisco IOS Release 12.0(5)WC2 or earlier or Cisco IOS Release 12.1(6)EA1 or earlier, the CMS versions in...
.... • CMS on the switch. 3-10 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Cluster management options are not the same as this release. This is the earliest version of CMS. Refer to the documentation specific to the switch and its Ethernet ports and to... of authentication (the enable password) to communicate with the switch through CMS, remember that clusters can differ between Cisco IOS releases and switch platforms: • On Catalyst switches running Cisco IOS Release 12.0(5)WC2 or earlier or Cisco IOS Release 12.1(6)EA1 or earlier, the CMS versions in...
Software Configuration Guide
Page 78
... the front-panel image of the specific switch. You can select more switches to be displayed. You can choose and configure the switches that appear in Figure 3-6. When CMS is launched from a command switch, you can drag the switches that appear and re-arrange them.... Figure 3-7 Front Panel View and Port Popup Menu 1 2 98674 3 4 1 Cluster tree 2 Command switch 3 check boxes to show switches 4 Port configuration popup menu 3-14 Catalyst 3560 Switch Software Configuration Guide 78...
... the front-panel image of the specific switch. You can select more switches to be displayed. You can choose and configure the switches that appear in Figure 3-6. When CMS is launched from a command switch, you can drag the switches that appear and re-arrange them.... Figure 3-7 Front Panel View and Port Popup Menu 1 2 98674 3 4 1 Cluster tree 2 Command switch 3 check boxes to show switches 4 Port configuration popup menu 3-14 Catalyst 3560 Switch Software Configuration Guide 78...
Software Configuration Guide
Page 79
... are connected to the release notes for a list of a cluster with a Catalyst 3550 switch as Switch Manager). Device Manager is launched from a command switch, the Topology view appears by the *CMD* label) and the devices that ...Catalyst 3560 Switch Software Configuration Guide 3-15 Chapter 3 Getting Started with CMS Displaying CMS Note Figure 3-7 shows a cluster with a Catalyst 3560 switch as shown in the cluster, you launch a separate CMS session. The Device Manager interface can vary among the Catalyst switch platforms. Topology View When CMS is for a specific switch...
... are connected to the release notes for a list of a cluster with a Catalyst 3550 switch as Switch Manager). Device Manager is launched from a command switch, the Topology view appears by the *CMD* label) and the devices that ...Catalyst 3560 Switch Software Configuration Guide 3-15 Chapter 3 Getting Started with CMS Displaying CMS Note Figure 3-7 shows a cluster with a Catalyst 3560 switch as shown in the cluster, you launch a separate CMS session. The Device Manager interface can vary among the Catalyst switch platforms. Topology View When CMS is for a specific switch...
Software Configuration Guide
Page 80
...and devices. This view does not display the details of the specific command or member switch that can add and remove cluster members. From this release. This view shows the command switch and member switches in this view, you access. The view shows how the ... in the online help . 3-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 To display a different switch cluster, you need to access the command switch or member switch of the network topology: • Expand Cluster-When you right-click a command-switch icon and select Collapse Cluster, the ...
...and devices. This view does not display the details of the specific command or member switch that can add and remove cluster members. From this release. This view shows the command switch and member switches in this view, you access. The view shows how the ... in the online help . 3-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 To display a different switch cluster, you need to access the command switch or member switch of the network topology: • Expand Cluster-When you right-click a command-switch icon and select Collapse Cluster, the ...
Software Configuration Guide
Page 82
...Protocol, recover from a Lost or Forgotten Password" section on page 35-4. Catalyst 3560 Switch Software Configuration Guide 4-2 78-16156-01 Normally, the boot loader is used . Before you can assign switch information, make sure you can disable password recovery. For more information about... the XMODEM Protocol" section on Cisco.com. Use a DHCP server for specific IP information. Note You can also configure a host name and an enable secret password. Use the switch setup program if you can assign IP information through the switch setup program, through a Dynamic...
...Protocol, recover from a Lost or Forgotten Password" section on page 35-4. Catalyst 3560 Switch Software Configuration Guide 4-2 78-16156-01 Normally, the boot loader is used . Before you can assign switch information, make sure you can disable password recovery. For more information about... the XMODEM Protocol" section on Cisco.com. Use a DHCP server for specific IP information. Note You can also configure a host name and an enable secret password. Use the switch setup program if you can assign IP information through the switch setup program, through a Dynamic...